Job Description

We are seeking a qualified and motivated individual to join our team as an ISO 27001:2013 Management
Representative. The ISO 27001 Management Representative will be responsible for overseeing the
implementation and maintenance of the information security management system (ISMS) based on the ISO
27001:2013 standard & GDPR regulations. The successful candidate will play a critical role in ensuring the
confidentiality, integrity, and availability of our organization\'s information assets.
Responsibilities:

• Serve as the primary point of contact for all matters related to ISO 27001:2013 and GDPR to fulfil the

information security management system.

• Develop, implement, and maintain the organization\'s ISMS in accordance with the ISO 27001:2013

standard.

• Conduct risk assessments and identify potential vulnerabilities and threats to the organization\'s

information assets.

• Collaborate with cross-functional teams to establish and monitor information security objectives and

targets.

• Define and implement information security policies, procedures, and controls based on ISO 27001:2013

requirements & GDPR.

• Ensure compliance with legal, regulatory, and contractual requirements related to information security.
• Conduct internal audits to assess the effectiveness of the ISMS and identify areas for improvement.
• Represent and support external audits and certifications related to ISO 27001:2013.
• Provide training and awareness programs on information security best practices to employees.
• Stay updated on emerging trends, technologies, and regulatory changes in the field of information

security.

• Responsible to drive Information security steering committee.
• In-depth understanding of GDPR regulations and requirements.

Qualifications:

• Bachelor\'s degree in a relevant field or equivalent experience.
• Strong knowledge of ISO 27001:2013 standard and experience in implementing and maintaining an

ISMS.

• Familiarity with information security frameworks, best practices, and regulatory requirements.
• Excellent understanding of risk management principles and methodologies.
• Experience conducting risk assessments and developing risk treatment plans.
• Strong analytical and problem-solving skills, with attention to detail.
• Effective communication and interpersonal skills, with the ability to collaborate with stakeholders at all

levels.

• Proficient in conducting internal audits, managing corrective actions and perform management review

meeting.

• Knowledge of information security technologies, tools, controls and GDPR regulations.
• Relevant certifications such as ISO 27001 Lead Implementer or Auditor and Certified GDPR Practitioner

is must.

• Must have been cleared at least 2-3 external audits as a management representative in an IT

organization.

Kaapro Management Solutions